[libvirt] [PATCH v2 0/5] qemu: Default to video type=virtio for machvirt
by Cole Robinson
This series aim is to change the qemu machvirt video type default to
virtio, but rather than continue to hack things into place in
domain_conf.c, this rearranges things to allow drivers to set a
video type default.
Patches 1 is a small prep change in the qemu code
Patches 2-4 are the plumbing to allow drivers to set their own default
Patch 5 is the actual default change
https://bugzilla.redhat.com/show_bug.cgi?id=1404112
v2:
Rebase
Push a few prep patches
Drop the (virDomainVideoType) annotations
Add patch #1
Cole Robinson (5):
qemu: whitelist valid video types
conf: domain: add VIDEO_TYPE_DEFAULT
conf: domain: move video type validation to DeviceDefValidate
qemu: Set default video type in qemu PostParse
qemu: Default to video type=virtio for machvirt
src/conf/domain_conf.c | 32 ++++++++-------
src/conf/domain_conf.h | 1 +
src/qemu/qemu_command.c | 3 ++
src/qemu/qemu_domain.c | 22 +++++++----
src/qemu/qemu_domain_address.c | 1 +
tests/domaincapsschemadata/full.xml | 1 +
.../qemuxml2argv-aarch64-video-default.args | 26 ++++++++++++
.../qemuxml2argv-aarch64-video-default.xml | 17 ++++++++
tests/qemuxml2argvtest.c | 6 +++
.../qemuxml2xmlout-aarch64-video-default.xml | 46 ++++++++++++++++++++++
tests/qemuxml2xmltest.c | 10 +++++
11 files changed, 142 insertions(+), 23 deletions(-)
create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-aarch64-video-default.args
create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-aarch64-video-default.xml
create mode 100644 tests/qemuxml2xmloutdata/qemuxml2xmlout-aarch64-video-default.xml
--
2.13.5
7 years, 1 month
[libvirt] [PATCH v2] qemu: set bind mode for chardev while parsing XML
by Pavel Hrdina
Currently while parsing domain XML we clear the UNIX path if it matches
one of the auto-generated paths by libvirt. After that when the guest
is started new path is generated but the mode is also changed to "bind".
In the real-world use-case the mode should not change, it only happens
if a user provides a mode='connect' and path that matches one of the
auto-generated path or not provides a path at all.
Before *reconnect* feature was introduced there was no issue, but with
the new feature we need to make sure that it's used only with "connect"
mode, therefore we need to move the mode change into parsing in order
to have a proper error reported by validation code.
Signed-off-by: Pavel Hrdina <phrdina(a)redhat.com>
---
src/qemu/qemu_domain.c | 13 +++++++++---
...muxml2argv-chardev-reconnect-generated-path.xml | 23 ++++++++++++++++++++++
tests/qemuxml2argvtest.c | 3 +++
3 files changed, 36 insertions(+), 3 deletions(-)
create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-chardev-reconnect-generated-path.xml
diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index bf57f94a50..cbee151f5d 100644
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -3766,8 +3766,17 @@ qemuDomainDeviceDefPostParse(virDomainDeviceDefPtr dev,
/* clear auto generated unix socket path for inactive definitions */
if ((parseFlags & VIR_DOMAIN_DEF_PARSE_INACTIVE) &&
dev->type == VIR_DOMAIN_DEVICE_CHR) {
- if (qemuDomainChrDefDropDefaultPath(dev->data.chr, driver) < 0)
+ virDomainChrDefPtr chr = dev->data.chr;
+ if (qemuDomainChrDefDropDefaultPath(chr, driver) < 0)
goto cleanup;
+
+ /* For UNIX chardev if no path is provided we generate one.
+ * This also implies that the mode is 'bind'. */
+ if (chr->source &&
+ chr->source->type == VIR_DOMAIN_CHR_TYPE_UNIX &&
+ !chr->source->data.nix.path) {
+ chr->source->data.nix.listen = true;
+ }
}
if (dev->type == VIR_DOMAIN_DEVICE_VIDEO) {
@@ -7441,8 +7450,6 @@ qemuDomainPrepareChannel(virDomainChrDefPtr channel,
return -1;
}
- channel->source->data.nix.listen = true;
-
return 0;
}
diff --git a/tests/qemuxml2argvdata/qemuxml2argv-chardev-reconnect-generated-path.xml b/tests/qemuxml2argvdata/qemuxml2argv-chardev-reconnect-generated-path.xml
new file mode 100644
index 0000000000..3cb67ecdcc
--- /dev/null
+++ b/tests/qemuxml2argvdata/qemuxml2argv-chardev-reconnect-generated-path.xml
@@ -0,0 +1,23 @@
+<domain type='qemu'>
+ <name>QEMUGuest1</name>
+ <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
+ <memory unit='KiB'>219136</memory>
+ <vcpu placement='static'>1</vcpu>
+ <os>
+ <type arch='i686' machine='pc'>hvm</type>
+ <boot dev='hd'/>
+ </os>
+ <devices>
+ <emulator>/usr/bin/qemu-system-i686</emulator>
+ <controller type='virtio-serial' index='1'>
+ <address type='pci' domain='0x0000' bus='0x00' slot='0x0a' function='0x0'/>
+ </controller>
+ <channel type='unix'>
+ <source mode='connect' path='/tmp/channel/domain-oldname/asdf'>
+ <reconnect enabled='yes' timeout='10'/>
+ </source>
+ <target type='virtio' name='asdf'/>
+ </channel>
+ <memballoon model='none'/>
+ </devices>
+</domain>
diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c
index 0c0bd16f94..18f06e5aa5 100644
--- a/tests/qemuxml2argvtest.c
+++ b/tests/qemuxml2argvtest.c
@@ -1351,6 +1351,9 @@ mymain(void)
DO_TEST_PARSE_ERROR("chardev-reconnect-invalid-timeout",
QEMU_CAPS_NODEFCONFIG,
QEMU_CAPS_CHARDEV_RECONNECT);
+ DO_TEST_PARSE_ERROR("chardev-reconnect-generated-path",
+ QEMU_CAPS_NODEFCONFIG,
+ QEMU_CAPS_CHARDEV_RECONNECT);
DO_TEST("usb-controller",
QEMU_CAPS_NODEFCONFIG);
--
2.13.5
7 years, 1 month
[libvirt] [PATCH] qemu: set bind mode for chardev while parsing XML
by Pavel Hrdina
Currently while parsing domain XML we clear the UNIX path if it matches
one of the auto-generated paths by libvirt. After that when the guest
is started new path is generated but the mode is also changed to "bind".
In the real-world use-case the mode should not change, it only happens
if a user provides a mode='connect' and path that matches one of the
auto-generated path or not provides a path at all.
Before *reconnect* feature was introduced there was no issue, but with
the new feature we need to make sure that it's used only with "connect"
mode, therefore we need to move the mode change into parsing in order
to have a proper error reported by validation code.
Signed-off-by: Pavel Hrdina <phrdina(a)redhat.com>
---
src/conf/domain_conf.c | 8 ++++++++
src/qemu/qemu_domain.c | 6 +++---
...muxml2argv-chardev-reconnect-generated-path.xml | 23 ++++++++++++++++++++++
tests/qemuxml2argvtest.c | 3 +++
4 files changed, 37 insertions(+), 3 deletions(-)
create mode 100644 tests/qemuxml2argvdata/qemuxml2argv-chardev-reconnect-generated-path.xml
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index f7574d77b6..9fdd0f90fc 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -4421,6 +4421,14 @@ virDomainDeviceDefPostParseCommon(virDomainDeviceDefPtr dev,
chr->target.port = maxport + 1;
}
+
+ /* For UNIX chardev if no path is provided we generate one.
+ * This also implies that the mode is 'bind'. */
+ if (chr->source &&
+ chr->source->type == VIR_DOMAIN_CHR_TYPE_UNIX &&
+ !chr->source->data.nix.path) {
+ chr->source->data.nix.listen = true;
+ }
}
/* set default path for virtio-rng "random" backend to /dev/random */
diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index bf57f94a50..ecad68d3bb 100644
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -3489,8 +3489,10 @@ qemuDomainChrDefDropDefaultPath(virDomainChrDefPtr chr,
regexp = virBufferContentAndReset(&buf);
- if (virStringMatch(chr->source->data.nix.path, regexp))
+ if (virStringMatch(chr->source->data.nix.path, regexp)) {
VIR_FREE(chr->source->data.nix.path);
+ chr->source->data.nix.listen = true;
+ }
ret = 0;
cleanup:
@@ -7441,8 +7443,6 @@ qemuDomainPrepareChannel(virDomainChrDefPtr channel,
return -1;
}
- channel->source->data.nix.listen = true;
-
return 0;
}
diff --git a/tests/qemuxml2argvdata/qemuxml2argv-chardev-reconnect-generated-path.xml b/tests/qemuxml2argvdata/qemuxml2argv-chardev-reconnect-generated-path.xml
new file mode 100644
index 0000000000..3cb67ecdcc
--- /dev/null
+++ b/tests/qemuxml2argvdata/qemuxml2argv-chardev-reconnect-generated-path.xml
@@ -0,0 +1,23 @@
+<domain type='qemu'>
+ <name>QEMUGuest1</name>
+ <uuid>c7a5fdbd-edaf-9455-926a-d65c16db1809</uuid>
+ <memory unit='KiB'>219136</memory>
+ <vcpu placement='static'>1</vcpu>
+ <os>
+ <type arch='i686' machine='pc'>hvm</type>
+ <boot dev='hd'/>
+ </os>
+ <devices>
+ <emulator>/usr/bin/qemu-system-i686</emulator>
+ <controller type='virtio-serial' index='1'>
+ <address type='pci' domain='0x0000' bus='0x00' slot='0x0a' function='0x0'/>
+ </controller>
+ <channel type='unix'>
+ <source mode='connect' path='/tmp/channel/domain-oldname/asdf'>
+ <reconnect enabled='yes' timeout='10'/>
+ </source>
+ <target type='virtio' name='asdf'/>
+ </channel>
+ <memballoon model='none'/>
+ </devices>
+</domain>
diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c
index 0c0bd16f94..18f06e5aa5 100644
--- a/tests/qemuxml2argvtest.c
+++ b/tests/qemuxml2argvtest.c
@@ -1351,6 +1351,9 @@ mymain(void)
DO_TEST_PARSE_ERROR("chardev-reconnect-invalid-timeout",
QEMU_CAPS_NODEFCONFIG,
QEMU_CAPS_CHARDEV_RECONNECT);
+ DO_TEST_PARSE_ERROR("chardev-reconnect-generated-path",
+ QEMU_CAPS_NODEFCONFIG,
+ QEMU_CAPS_CHARDEV_RECONNECT);
DO_TEST("usb-controller",
QEMU_CAPS_NODEFCONFIG);
--
2.13.5
7 years, 1 month
[libvirt] [PATCH 0/5] chardev source reconnect cleanup and fixes
by Pavel Hrdina
Pavel Hrdina (5):
tests: remove unused file
conf: add reconnect to virDomainChrSourceDef(Copy|IsEqual)
tests: don't use unix socket path that matches auto-generated path
conf: make sure that chardev reconnect is formatted only for connect
mode
qemu: make sure that chardev reconnect is formatted only for connect
mode
src/conf/domain_conf.c | 24 ++++++++++++-----
src/qemu/qemu_command.c | 8 +++---
.../qemuxml2argv-channel-reconnect.args | 31 ----------------------
.../qemuxml2argv-chardev-reconnect.args | 6 ++---
.../qemuxml2argv-chardev-reconnect.xml | 4 +--
5 files changed, 26 insertions(+), 47 deletions(-)
delete mode 100644 tests/qemuxml2argvdata/qemuxml2argv-channel-reconnect.args
--
2.13.5
7 years, 1 month
[libvirt] [PATCH v3 REBASE 00/16] qemu: migration: show disks stats for nbd migration
by Nikolay Shirokovskiy
diff from v2:
============
1. Fix style issues.
2. Rework patch for fetching job info
(save logic to use temporary variable when drop vm lock)
3. Update disk stats when block jobs are canceled.
4. Adress a few more corner cases.
This patch series add disks stats to domain job info(stats) as
well as to migration completed event in case nbd scheme is used.
There is little nuisance with qcow2 disks (which is the main scenario
I guess) tied to the way qemu reports stats for this type of disks.
For example if we have 64G disk filled only to 1G then stats
start from 63G and will grow up to 64G on completion. The same way disk stats
will be reported by this patch.
I guess the better way to express the situation is to say we have 64G 'total',
and have 'processed' field grow from 0G to 1G, like in case of memory
stats. [1] is the example of completed memory stats of empty guest
domain, which show difference between processed and total.
There can be a workaround like getting initial blockjob offset position
as a zero but is is rather ugly and racy and like uses undocumented
behaviour.
Patches that were explicitly ACKed in previous review
(up to style issues) marked with A.
[1] memory migration stats example
Memory processed: 3.307 MiB
Memory remaining: 0.000 B
Memory total: 1.032 GiB
Nikolay Shirokovskiy (16):
qemu: drop code for VIR_DOMAIN_JOB_BOUNDED and timeRemaining
A qemu: introduce qemu domain job status
A qemu: introduce QEMU_DOMAIN_JOB_STATUS_POSTCOPY
A qemu: drop QEMU_MIGRATION_COMPLETED_UPDATE_STATS
A qemu: drop excessive zero-out in qemuMigrationFetchJobStatus
qemu: refactor fetching migration stats
A qemu: simplify getting completed job stats
qemu: fail querying destination migration statistics always
qemu: start all async job with job status active
qemu: introduce migrating job status
qemu: always get job condition on getting job stats
qemu: migrate: show disks stats on job info requests
qemu: support getting disks stats during stopping block jobs
qemu: migation: resolve race on getting job info and stopping block jobs
qemu: migrate: copy disks stats to completed job
qemu: migration: don't expose incomplete job as complete
src/qemu/qemu_blockjob.c | 1 +
src/qemu/qemu_domain.c | 38 +++++--
src/qemu/qemu_domain.h | 15 ++-
src/qemu/qemu_driver.c | 94 ++++++++--------
src/qemu/qemu_migration.c | 236 ++++++++++++++++++++++++++-------------
src/qemu/qemu_migration.h | 15 ++-
src/qemu/qemu_migration_cookie.c | 7 +-
src/qemu/qemu_monitor.c | 5 +-
src/qemu/qemu_monitor.h | 4 +-
src/qemu/qemu_monitor_json.c | 4 +-
src/qemu/qemu_process.c | 11 +-
tests/qemumonitorjsontest.c | 1 +
12 files changed, 272 insertions(+), 159 deletions(-)
--
1.8.3.1
7 years, 1 month
[libvirt] [PATCH] Add qcow2 cache configuration
by Liu Qing
Random write IOPS will drop dramatically if qcow2 l2 cache could not
cover the whole disk. This patch give libvirt user a chance to adjust
the qcow2 cache configuration.
Signed-off-by: Liu Qing <liuqing(a)huayun.com>
---
src/conf/domain_conf.c | 30 ++++++++++++++++++++++++++++++
src/qemu/qemu_command.c | 6 ++++++
src/util/virstoragefile.c | 3 +++
src/util/virstoragefile.h | 4 ++++
4 files changed, 43 insertions(+)
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index d97aab4..06ca1de 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -8590,6 +8590,30 @@ virDomainDiskDefDriverParseXML(virDomainDiskDefPtr def,
VIR_FREE(tmp);
}
+ if ((tmp = virXMLPropString(cur, "l2-cache-size")) &&
+ (virStrToLong_ui(tmp, NULL, 10, &def->src->l2_cache_size) < 0)) {
+ virReportError(VIR_ERR_XML_ERROR,
+ _("Invalid l2-cache-size attribute in disk driver element: %s"),
+ tmp);
+ goto cleanup;
+ }
+
+ if ((tmp = virXMLPropString(cur, "refcount-cache-size")) &&
+ (virStrToLong_ui(tmp, NULL, 10, &def->src->refcount_cache_size) < 0)) {
+ virReportError(VIR_ERR_XML_ERROR,
+ _("Invalid refcount-cache-size attribute in disk driver element: %s"),
+ tmp);
+ goto cleanup;
+ }
+
+ if ((tmp = virXMLPropString(cur, "cache-clean-interval")) &&
+ (virStrToLong_ui(tmp, NULL, 10, &def->src->cache_clean_interval) < 0)) {
+ virReportError(VIR_ERR_XML_ERROR,
+ _("Invalid cache-clean-interval attribute in disk driver element: %s"),
+ tmp);
+ goto cleanup;
+ }
+
if ((tmp = virXMLPropString(cur, "detect_zeroes")) &&
(def->detect_zeroes = virDomainDiskDetectZeroesTypeFromString(tmp)) <= 0) {
virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
@@ -21887,6 +21911,12 @@ virDomainDiskDefFormat(virBufferPtr buf,
virBufferAsprintf(&driverBuf, " iothread='%u'", def->iothread);
if (def->detect_zeroes)
virBufferAsprintf(&driverBuf, " detect_zeroes='%s'", detect_zeroes);
+ if (def->src->l2_cache_size > 0)
+ virBufferAsprintf(&driverBuf, " l2-cache-size='%u'", def->src->l2_cache_size);
+ if (def->src->refcount_cache_size > 0)
+ virBufferAsprintf(&driverBuf, " refcount-cache-size='%u'", def->src->refcount_cache_size);
+ if (def->src->cache_clean_interval > 0)
+ virBufferAsprintf(&driverBuf, " cache-clean-interval='%u'", def->src->cache_clean_interval);
virDomainVirtioOptionsFormat(&driverBuf, def->virtio);
diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
index 9a27987..7996eed 100644
--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
@@ -1430,6 +1430,12 @@ qemuBuildDriveSourceStr(virDomainDiskDefPtr disk,
qemuformat = "luks";
virBufferAsprintf(buf, "format=%s,", qemuformat);
}
+ if (disk->src->format == VIR_STORAGE_FILE_QCOW2 && disk->src->l2_cache_size > 0)
+ virBufferAsprintf(buf, "l2-cache-size=%u,", disk->src->l2_cache_size);
+ if (disk->src->format == VIR_STORAGE_FILE_QCOW2 && disk->src->refcount_cache_size > 0)
+ virBufferAsprintf(buf, "refcount-cache-size=%u,", disk->src->refcount_cache_size);
+ if (disk->src->format == VIR_STORAGE_FILE_QCOW2 && disk->src->cache_clean_interval > 0)
+ virBufferAsprintf(buf, "cache-clean-interval=%u,", disk->src->cache_clean_interval);
ret = 0;
diff --git a/src/util/virstoragefile.c b/src/util/virstoragefile.c
index fbc8245..c685331 100644
--- a/src/util/virstoragefile.c
+++ b/src/util/virstoragefile.c
@@ -2038,6 +2038,9 @@ virStorageSourceCopy(const virStorageSource *src,
ret->physical = src->physical;
ret->readonly = src->readonly;
ret->shared = src->shared;
+ ret->l2_cache_size = src->l2_cache_size;
+ ret->refcount_cache_size = src->refcount_cache_size;
+ ret->cache_clean_interval = src->cache_clean_interval;
/* storage driver metadata are not copied */
ret->drv = NULL;
diff --git a/src/util/virstoragefile.h b/src/util/virstoragefile.h
index 6c388b1..e7889d9 100644
--- a/src/util/virstoragefile.h
+++ b/src/util/virstoragefile.h
@@ -280,6 +280,10 @@ struct _virStorageSource {
/* metadata that allows identifying given storage source */
char *nodeformat; /* name of the format handler object */
char *nodestorage; /* name of the storage object */
+
+ unsigned l2_cache_size; /* qcow2 l2 cache size */
+ unsigned refcount_cache_size; /* qcow2 reference count table cache size */
+ unsigned cache_clean_interval; /* clean unused cache entries interval */
};
--
1.8.3.1
7 years, 1 month
[libvirt] [PATCH for 3.7.0] docs: Document yet another limitation of tx_queue_size
by Michal Privoznik
https://bugzilla.redhat.com/show_bug.cgi?id=1484234
Turns out, only vhostuser type of interfaces are supported
currently.
Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com>
---
I'd like to get this one in since the whole feature is being introduced in this
release.
docs/formatdomain.html.in | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/docs/formatdomain.html.in b/docs/formatdomain.html.in
index 19e869f12..8ca7637a4 100644
--- a/docs/formatdomain.html.in
+++ b/docs/formatdomain.html.in
@@ -5213,7 +5213,10 @@ qemu-kvm -net nic,model=? /dev/null
The default value is hypervisor dependent and may change
across its releases. Moreover, some hypervisors may pose
some restrictions on actual value. For instance, QEMU
- v2.9 requires value to be a power of two from [256, 1024] range.
+ v2.9 requires value to be a power of two from [256, 1024]
+ range. In addition to that, this may work only for a subset of
+ interface types, e.g. aforementioned QEMU enables this option
+ only for <code>vhostuser</code> type.
<span class="since">Since 3.7.0 (QEMU and KVM only)</span><br/><br/>
<b>In general you should leave this option alone, unless you
--
2.13.5
7 years, 1 month
[libvirt] [PATCH] rpc: avoid ssh interpreting malicious hostname as arguments
by Daniel P. Berrange
Inspired by the recent GIT / Mercurial security flaws
(http://blog.recurity-labs.com/2017-08-10/scm-vulns),
consider someone/something manages to feed libvirt a bogus
URI such as:
virsh -c qemu+ssh://-oProxyCommand=gnome-calculator/system
In this case, the hosname "-oProxyCommand=gnome-calculator"
will get interpreted as an argument to ssh, not a hostname.
Fortunately, due to the set of args we have following the
hostname, SSH will then interpret our bit of shell script
that runs 'nc' on the remote host as a cipher name, which is
clearly invalid. This makes ssh exit during argv parsing and
so it never tries to run gnome-calculator.
We are lucky this time, but lets be more paranoid, by using
'--' to explicitly tell SSH when it has finished seeing
command line options. This forces it to interpret
"-oProxyCommand=gnome-calculator" as a hostname, and thus
see a fail from hostname lookup.
Signed-off-by: Daniel P. Berrange <berrange(a)redhat.com>
---
src/rpc/virnetsocket.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/rpc/virnetsocket.c b/src/rpc/virnetsocket.c
index d228c8a8c..23089afef 100644
--- a/src/rpc/virnetsocket.c
+++ b/src/rpc/virnetsocket.c
@@ -868,7 +868,7 @@ int virNetSocketNewConnectSSH(const char *nodename,
if (!netcat)
netcat = "nc";
- virCommandAddArgList(cmd, nodename, "sh", "-c", NULL);
+ virCommandAddArgList(cmd, "--", nodename, "sh", "-c", NULL);
virBufferEscapeShell(&buf, netcat);
if (virBufferCheckError(&buf) < 0) {
--
2.13.5
7 years, 1 month
[libvirt] [PATCH] Fix TLS test suites with gnutls 3.6.0
by Daniel P. Berrange
With gnutls 3.6.0, SHA1 is no longer accepted for certificate
signatures. We must usw SHA256 instead.
Signed-off-by: Daniel P. Berrange <berrange(a)redhat.com>
---
tests/virnettlshelpers.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tests/virnettlshelpers.c b/tests/virnettlshelpers.c
index 531d0b907..b735c4e2f 100644
--- a/tests/virnettlshelpers.c
+++ b/tests/virnettlshelpers.c
@@ -384,7 +384,7 @@ testTLSGenerateCert(struct testTLSCertReq *req,
* If no 'ca' is set then we are self signing
* the cert. This is done for the root CA certs
*/
- if ((err = gnutls_x509_crt_sign(crt, ca ? ca : crt, privkey)) < 0) {
+ if ((err = gnutls_x509_crt_sign2(crt, ca ? ca : crt, privkey, GNUTLS_DIG_SHA256, 0)) < 0) {
VIR_WARN("Failed to sign certificate %s", gnutls_strerror(err));
abort();
}
--
2.13.5
7 years, 1 month
[libvirt] [PATCH] lxcStateInitialize: Don't leak driver's caps
by Michal Privoznik
Funny thing. So when initializing LXC driver's capabilities,
firstly the virLXCDriverGetCapabilities() is called. This creates
new capabilities, stores them under driver->caps, ref() them and
return them. However, the return value is ignored. Secondly, the
function is called yet again and since we have driver->caps set,
they are ref()-ed again an returned. So in the end, driver's
capabilities have refcount of three when in fact they should have
refcount of one.
Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com>
---
src/lxc/lxc_driver.c | 6 ++----
1 file changed, 2 insertions(+), 4 deletions(-)
diff --git a/src/lxc/lxc_driver.c b/src/lxc/lxc_driver.c
index 6eb88b0ba..784edad39 100644
--- a/src/lxc/lxc_driver.c
+++ b/src/lxc/lxc_driver.c
@@ -1660,7 +1660,7 @@ static int lxcStateInitialize(bool privileged,
if (!(lxc_driver->hostdevMgr = virHostdevManagerGetDefault()))
goto cleanup;
- if ((virLXCDriverGetCapabilities(lxc_driver, true)) == NULL)
+ if (!(caps = virLXCDriverGetCapabilities(lxc_driver, true)))
goto cleanup;
if (!(lxc_driver->xmlopt = lxcDomainXMLConfInit()))
@@ -1669,9 +1669,6 @@ static int lxcStateInitialize(bool privileged,
if (!(lxc_driver->closeCallbacks = virCloseCallbacksNew()))
goto cleanup;
- if (!(caps = virLXCDriverGetCapabilities(lxc_driver, false)))
- goto cleanup;
-
if (virFileMakePath(cfg->stateDir) < 0) {
virReportSystemError(errno,
_("Failed to mkdir %s"),
@@ -1700,6 +1697,7 @@ static int lxcStateInitialize(bool privileged,
goto cleanup;
virNWFilterRegisterCallbackDriver(&lxcCallbackDriver);
+ virObjectUnref(caps);
return 0;
cleanup:
--
2.13.5
7 years, 1 month